Critical WordPress Plugin Flaw Puts Over 10,000 Sites of Cyberattack
A serious security flaw affecting the Eventin plugin, a popular event management solution for WordPress, was recently discovered by Denver Jackson, a member of the…
Category: GBHackers
Ivanti Endpoint Manager Vulnerabilities Allow Unauthenticated Remote Code Execution
Critical vulnerability chain in Ivanti Endpoint Manager Mobile (EPMM) has exposed enterprise mobile device management systems to pre-authenticated remote code execution (RCE) attacks. The flaws,…
SSH Auth Key Reuse Uncovers Advanced Targeted Phishing Campaign
A meticulously orchestrated phishing campaign targeting Kuwait’s fisheries, telecommunications, and insurance sectors has been exposed by Hunt.io researchers, revealing a sprawling network of over 230…
Cybercriminal Andrei Tarasov Escapes US Extradition, Returns to Russia
Andrei Vladimirovich Tarasov, a 33-year-old Russian cybercrime figure known online as “Aels,” has returned to Russia after evading US extradition. Released from Berlin’s Moabit Prison…
Windows 10 KB5058379 Update Causes PCs to Enter Recovery Mode and Prompt for BitLocker Key
Security update KB5058379 for Windows 10, released in May 2025, is causing significant technical issues for numerous systems. Users report their devices are unexpectedly booting…
APT Group 123 Targets Windows Systems in Ongoing Malicious Payload Campaign
Group123, a North Korean state-sponsored Advanced Persistent Threat (APT) group also known by aliases such as APT37, Reaper, and ScarCruft, continues to target Windows-based systems…
Frigidstealer Malware Targets macOS Users to Harvest Login Credentials
An macOS users, a new information-stealing malware dubbed FrigidStealer has emerged as a formidable threat since January 2025. This insidious malware capitalizes on user trust…
FBI Alerts Public to Malicious Campaign Impersonating US Government Officials
Federal Bureau of Investigation has issued a warning about an ongoing malicious messaging campaign targeting current and former senior US government officials and their contacts.…
Jenkins Released Security Updates – Multiple Vulnerabilities Fixed That Allow Attackers to Exploit CI/CD Pipelines
Jenkins, the widely used automation server for CI/CD pipelines, has released a critical security advisory addressing several vulnerabilities in popular plugins. These flaws-ranging from authentication…
SonicWall SMA1000 Vulnerability Allow Attackers to Exploit Encoded URLs To Remotely Gain Internal Systems Access
SonicWall has issued a critical security advisory (SNWLID-2025-0010) for its SMA1000 Appliance Work Place interface, revealing a high-severity Server-Side Request Forgery (SSRF) vulnerability. The flaw,…
Pwn2Own Day 1 – Windows 11, Red Hat Linux, & Oracle VirtualBox Hacked
Security researchers successfully illustrated significant vulnerabilities across several platforms on the first day of Pwn2Own Berlin 2025, taking home a total of $260,000 in prizes.…
Hackers Leveraging PowerShell to Bypass Antivirus and EDR Defenses
Cybersecurity researchers have uncovered a growing trend in which threat actors are exploiting Microsoft PowerShell a legitimate Windows command-line interface to bypass advanced antivirus and…